The cybercrime nodal agency CERT-In has highlighted some major vulnerabilities in the Google Chrome browser for desktops. The agency has given the threat a ‘Severity Rating’ of ‘HIGH’. The agency has highlighted the versions that are impacted by the multiple flaws and it has also provided a resolution that should be adhered to immediately. Also Read – Govt reveals steps taken to fight cybercrime in India
According to CERT-In, the Google Chrome version prior to 101.0.4951.41 has been impacted by the new flaw in the software. Also Read – Google Maps gets toll road price estimates and better navigation system
Google Chrome flaws
CERT-In has highlighted multiple vulnerabilities in Google Chrome. These flaws can be exploited in order to allow a remote attacker to execute arbitrary code and in the process also obtain sensitive information. The hacker will be able to bypass security restrictions and cause buffer overflow on the targeted system. Also Read – Google rolling out Chrome’s milestone update: List of top features, changes
The agency claims that these vulnerabilities exist in Google Chrome due to Use after free in Vulkan, SwiftShader, ANGLE, Device API, Sharin System API, Ozone, Browser Switcher, Bookmarks, Dev Tools and File Manager; Inappropriate implementation in We Extensions API, Input, HTML Parser, Web Authentication and iframe; Heap buffer overflow in WebGPU and Web UI Set Confusion in V8; Out of bounds memory access in UI Shelf; Insufficient data validation in Blink Editing, Trusted Type Tools; Incorrect security UI in Downloads.
How to stay safe
CERT-In has claimed that in order to stay safe, the users will have to upgrade to Google Chrome version 101.0.4951.41. Any version before this can be susceptible to attacks from hackers, which could eventually lead to the loss of sensitive data.
Google has also acknowledged the issues. The search giant listed 30 vulnerabilities on the Chrome blog post, out of which seven have been classified as ‘High’ threats. The vulnerabilities have been spotted for Windows, Mac, and Linux platforms
In a note, Google said, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
Google has claimed that the Update for Windows, Mac and Linux is already rolling out. The update should reach users over the coming days or weeks.
If your browser does not update automatically, you can force it to move to the latest version by finding it manually. Here’s how you can do that:
-Go to the right corner and click on the three horizontal dots
-You will get a drop-down menu
-In that menu look for the settings option
-Once you enter settings, you need to click on Help and then on About Google Chrome
-Chrome should download any pending update
-Once it is installed, you might have to shut down the browser and reopen it.